TrustPort eSign PRO: Command Line - Configuration file contents

Using the configuration file

Using the configuration file you can save some options. It is possible to use them as default possibilities unless you specified them in other way by commandline parameters. You can use your own configuration file with parameter
--inifile=filename
, e.g.
esign --inifile=my.ini
, default configuration file may be used by parameter
-u
or
--useconfig
.

The configuration file is divided into sections
USER
,
USAGE
,
OTHER
and
SEARCH
. All sections and all items within them are optional and could be omitted.

Section USER

Contains information about the certificate owner:

COMMONNAME
... name of certificate owner (person, IP address,...),

ORGNAME
... name of the organization,

ORGUNIT
... name of the unit in organization,

POSTADDR
... organization address,

COUNTRY
... two letters long country shortcut,

TLFNUMBER
... phone number,

EMAIL
... e-mail.

You need to specify name and e-mail to have a reasonable information in certificate.

Section USAGE

Contains information about the usage of the certificate:

SIGNATURE
... using the key for signing, only two values are allowed here - 1 or 0,

ENCRYPHERMENT
... using the key for encrypting, only two values are allowed here - 1 or 0,

KEYAGREEMENT
... using the key for negotiation about key, only two values are allowed here - 1 or 0,

SERVERAUTHENTICATION
... the certificate will (not) be used for server authentication, only two values are allowed here - 1 or 0,

CLIENTAUTHENTICATION
... the certificate will (not) be used for client authentication, only two values are allowed here - 1 or 0,

CODESIGNING
... the certificate will (not) be used for code signing, only two values are allowed here - 1 or 0,

SECUREEMAIL
... the certificate will (not) be used for securing e-mails, only two values are allowed here - 1 or 0,

ENCALG
... the algorithm used for encrypting, allowed values are 3DES, DES, RC2, Cast or Rijndael,

PUBKEYALG
... public key algorithm, used when generating the key pair, allowed values are RSA, DSA, DH or ELLIPTIC.

Section SEARCH

This section contains flags which affect the searching for certificates through patterns (parameter
-O
), any of these flags might only be set to either 1 or 0:

ALIAS
,

OWNERKEYID
,

ISSSUERHASH
,

EMAIL
,

PUBKEYHASH
,

CAISSSUERHASH
,

OWNERHASH
,

ISSUERKEYID
,

COMMONNAME
.

If you use at least one of these parameters and you arbitrary omit another one, the behavior of application will be same as though the letter parameter was given with value 0. If none of these parameters is used so even if you used configuration file, the search will be performed by all of these parameters (default behaviour).